Is Robinhood Safe?

If you use or plan to use Robinhood, you need to know: Is Robinhood safe? 

Below, we explain whether Robinhood is: 

• Safe to use. 
• Good for privacy. 

We also look at some steps you can take to improve both your safety and privacy when using this online service. 

What Is Robinhood?

Robinhood is a U.S.-based financial technology company that operates a digital platform for individual investors to trade stocks, exchange-traded funds (ETFs), options, and cryptocurrencies without paying commission fees. 

There is no dollar minimum to open or maintain a Robinhood account. 

Launched in 2014, Robinhood revolutionized the brokerage industry by offering a commission-free model, making investing more accessible to a broader audience.

Is Robinhood Safe?

Yes, Robinhood is generally considered safe to use. 

Robinhood is registered with the U.S. Securities and Exchange Commission (SEC) and is a member of the Financial Industry Regulatory Authority (FINRA). 

It is also a member of the Securities Investor Protection Corporation (SIPC), which protects the securities and cash in customer accounts up to $500,000 (including $250,000 for cash claims).

The security company UpGuard gives Robinhood a security rating of 849/950 based on its external attack surface. 

However, the company has experienced some security incidents in the past:

• In 2019, Robinhood notified some customers that the company had accidentally stored their passwords in cleartext. There was no evidence that passwords were accessed by bad actors. 
• In 2021, Robinhood was hacked, which resulted in millions of customer names and email addresses stolen. 

Robinhood has also faced criticism over how it handled the GameStop trading frenzy in 2021 and its method of revenue generation through payment for order flow. These incidents raised questions about the platform’s reliability and alignment with customer interests. 

Additionally, some people reported that Robinhood froze their accounts. 

The company has also experienced service outages and interruptions, which resulted in a class-action lawsuit. The company agreed to a $9.9 million settlement.

Another thing to note is that Robinhood doesn’t have a clear policy about account hacks (i.e., what happens if a cybercriminal hacks into your account). However, it does offer two-factor authentication (2FA) and biometric login (on mobile devices) and automatically logs you out of its app after an extended inactivity period. 

Is Robinhood Private?

Everybody has a different definition of privacy when it comes to apps and websites like Robinhood. 

Robinhood uses industry-standard encryption technologies to protect user data, both in transit and at rest. 

During the 2021 Robinhood hack, cybercriminals were (for the most part) only able to collect user information like names and email addresses. While exposure of even this seemingly innocuous data puts individuals at risk, Robinhood seems to have been able to encrypt the most sensitive data it holds.

The company was also prompt in notifying customers and authorities about the breach.

As for Robinhood’s privacy policy, it is detailed and relatively easy to read. 

Robinhood collects a lot of information about users, including identity and contact data, financial data (like information about your income, credit history, etc.), and location data (they can collect your mobile device’s GPS location if you’ve enabled this on your device). 

Besides acquiring data about you from you directly, they also use third-party sources. For example, Robinhood obtains information about you from publicly available sources such as public social media content. 

If you’re in another Robinhood user’s contact list and they share that list with the company, that’s another way for Robinhood to get data about you. 

The company lists with whom it might share your personal information with. 

This list includes third-party vendors and service providers, such as fraud protection services and advertising agencies, companies in which you hold securities, banking and credit card partners, and affiliates. 

Robinhood can share your information with relevant parties in case of a substantial corporate transaction like a merger and for legal purposes, as well. 

Robinhood also uses data for targeted advertising. 

If you live in a state with consumer privacy laws like California or Virginia, you get additional rights per Robinhood’s privacy policy. 

The company does not respect or take action in response to “Do not track” signals, and it’s not clear if Robinhood notifies users when they make changes to their privacy policy. 

How to Improve Your Safety and Privacy on Robinhood

Take the below steps to improve your safety and privacy on Robinhood.

• Enable two-factor authentication (2FA). This is an easy way to add more protection to your Robinhood account. 
• Use strong, unique passwords. Create complex passwords that are unique to Robinhood and change them regularly.
• Regularly monitor your account. Check your account frequently for any unauthorized transactions or changes.
• Be wary of phishing attempts. Learn to spot and avoid phishing emails or messages pretending to be from Robinhood. SecureWorld has a guide on how to spot phishing emails from cybercriminals pretending to be Robinhood. 
• Limit sharing of personal information online and set your social media profiles to private. Companies like Robinhood collect your personal information from public sources such as public social media profiles.  
• Secure your devices. Your devices should be protected with up-to-date antivirus software, firewalls, and the latest security patches.
• Review and update account profile information. Robinhood lets you update certain information on your account profile, like your username or profile picture (you are not required to upload a photo of yourself, so don’t.). 
• Manage profile visibility. You can adjust the visibility settings for your Pay & Request profile to prevent it from being visible to everyone (which is the case by default). 
• Disconnect the mobile app’s access to certain information. You can withdraw permission for the Robinhood app to access your photo gallery, contact list, and your device’s precise location. 
• Opt-out of affiliate sharing. Limit information sharing between Robinhood affiliates by contacting privacy@robinhood.com and referring to the relevant Financial Privacy Notices (RHF and RHS Financial Privacy Notice, RHC Financial Privacy Notice, RHY Financial Privacy Notice, and RCT Financial Privacy Notice).
• Disable certain data sharing. Through Robinhood’s settings, you can restrict how your personal data is shared with marketing partners to prevent data use in targeted advertising.
• Adjust cookie controls. Check if your browser settings are set to reject or delete cookies and similar tracking technologies (bearing in mind that this might affect the functionality of Robinhood’s services).